package org.forum.controller;

import org.apache.struts2.ServletActionContext;
import org.forum.controller.Interface.PAGES;
import org.forum.domain.User;
import org.forum.service.UserAuthorityService;
import org.forum.utils.JsonUtil;
import org.forum.utils.SecurityCodeUtil;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * 0、跳转到登陆页面
 * 1、登陆
 * 2、产生登陆验证码并返回验证码
 * 3、Ajax检验验证码是否正确
 * 4、退出登陆
 * @author One
 *
 */
public class UserAuthorityController {

	Logger logger = LoggerFactory.getLogger(UserAuthorityController.class);
	
	public static final String SECURITYCODE_WRONG = "securitycode_wrong";
	
	public static final String SECURITYCODE_RIGHT = "securitycode_right";
	
	public static final String PASSWORD_WRONG ="password_wrong";
	
	//struts注入
	private String loginSecurityCode;
	
	public void setLoginSecurityCode(String loginSecurityCode) {
		this.loginSecurityCode = loginSecurityCode;
	}
	
	private User user;
	//必须提供getter方法
	public User getUser() {
		return user;
	}

	public void setUser(User user){
		this.user = user;
	}
	
	//spring注入
	private JsonUtil jsonUtil;

	public void setJsonUtil(JsonUtil jsonUtil) {
		this.jsonUtil = jsonUtil;
	}
	//
	private UserAuthorityService userAuthorityService;

	public void setUserAuthorityService(UserAuthorityService userAuthorityService) {
		this.userAuthorityService = userAuthorityService;
	}
	
	//
	private SecurityCodeUtil securityCodeUtil;

	public void setSecurityCodeUtil(SecurityCodeUtil securityCodeUtil) {
		this.securityCodeUtil = securityCodeUtil;
	}
	
	//返回json数据
	private String loginResult;
	
	public String getLoginResult() {
		return loginResult;
	}
	
	private User userInfo;

	public User getUserInfo() {
		return userInfo;
	}

	/**
	 * @通过验证 
	 * 1、密码正确通过
	 * 2、密码错误通过
	 * 3、验证码错误通过
	 * 4、验证码正确通过
	 * @not_pass
	 * 1、未处理用户不存在的情况
	 * 
	 * 在检验验证码之前需要先对将生成的检验码放入session
	 * 1、检验验证码是否正确；在此之前已经通过jq验证过验证码，此时再次进行验证以防止其他形式网络攻击;
	 * 2、检验密码是否正确；
	 * @return
	 */
	public String login(){
		//如果必要检查验证码（后台在进行检查验证码是否正确）
		String securityCode = (String)ServletActionContext.getRequest()
				.getSession(true).getAttribute("SecurityCode");
		if(logger.isDebugEnabled()){
			logger.debug("securityCode:" + securityCode + " loginSecurity:" +loginSecurityCode );
		}
		if(!securityCode.equalsIgnoreCase(loginSecurityCode) ){
			loginResult = SECURITYCODE_WRONG;
			return PAGES.LOGINRESULT;
		}
		//检查密码是否正确
		if((userInfo=userAuthorityService.verifyPassword(user)) == null){
			if(logger.isDebugEnabled()){
				logger.debug("password wrong!" + "\n" + user.toString());
			}
			loginResult = PASSWORD_WRONG;
			return PAGES.LOGINRESULT;
		}
		//登陆成功，将用户信息存储在servlet session中，跳转至个人中心
		user = userAuthorityService.findUserByUsername(user);
		ServletActionContext.getRequest().getSession().setAttribute("user", user);
		loginResult="login_successful";
		return PAGES.LOGINRESULT;
	}
	
	/**
	 * @通过验证
	 * 跳转到登陆页面
	 * @return
	 */
	public String loginPage(){
		return PAGES.LOGINPAGE;
	}
	
	/**
	 * @通过验证
	 * 生成登陆验证码
	 */
	public void loginSecurityCode(){
		try {
			securityCodeUtil.generateSecurityCode();
		} catch (Exception e) {
			if(logger.isDebugEnabled()){
				logger.debug("产生登陆验证码错误" + "\n" + e.getMessage());
			}
		}
	}
	
	/**
	 * 
	 */
	public void verifySecurityCode(){
		
	}
	
	/**
	 * @pass_Test
	 * 退出登陆
	 */
	public String logout(){
		ServletActionContext.getRequest().getSession().invalidate();
		JSONObject jsonObject = new JSONObject();
		return PAGES.HOMEPAGE;
	}
	
}
